Merge branch 'topic/rack-fix-tls-listener'

* topic/rack-fix-tls-listener: rack: tls_listener: fix certificate extensions
author: Kazuki Yamaguchi <k@rhe.jp> 2016-05-08 16:24:53 +0900
committer: Kazuki Yamaguchi <k@rhe.jp> 2016-05-08 16:24:53 +0900
commit: 60e7ce6f29bc40515074df712670bf61094549dd (patch)
tree: 3b9a360053f4cc6e91dbbaf316a5f1d115bbe4a3
parent: bf51162affc1b21c5fc6db5a88f206403a0fae9e (diff)
parent: 63eb73dd4041f75aa6085d499646c415d507af37 (diff)
download: plum-60e7ce6f29bc40515074df712670bf61094549dd.tar.gz
1 files changed, 2 insertions, 4 deletions
diff --git a/lib/plum/rack/listener.rb b/lib/plum/rack/listener.rb
index 1628ec7..4296e3c 100644
--- a/lib/plum/rack/listener.rb
+++ b/lib/plum/rack/listener.rb
@@ -127,11 +127,9 @@ module Plum
         cert.serial = rand((1 << 20) - 1)
         cert.version = 2
 
-        ef = OpenSSL::X509::ExtensionFactory.new
-        ef.subject_certificate = cert
-        ef.issuer_certificate = cert
+        ef = OpenSSL::X509::ExtensionFactory.new(cert, cert)
         cert.extensions = [
-          ef.create_extension("basicConstraints", "CA:TRUE", true),
+          ef.create_extension("subjectKeyIdentifier", "hash")
         ]
         cert.sign(key, OpenSSL::Digest::SHA256.new)
author	Kazuki Yamaguchi <k@rhe.jp>	2016-05-08 16:24:53 +0900
committer	Kazuki Yamaguchi <k@rhe.jp>	2016-05-08 16:24:53 +0900
commit	60e7ce6f29bc40515074df712670bf61094549dd (patch)
tree	3b9a360053f4cc6e91dbbaf316a5f1d115bbe4a3
parent	bf51162affc1b21c5fc6db5a88f206403a0fae9e (diff)
parent	63eb73dd4041f75aa6085d499646c415d507af37 (diff)
download	plum-60e7ce6f29bc40515074df712670bf61094549dd.tar.gz